Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-05-12

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:49 jfroot_ joined #openam
01:00 MegaMatt joined #openam
01:51 jjpp joined #openam
01:55 _br_ joined #openam
06:52 aldaris joined #openam
07:12 pfreixes joined #openam
07:13 aldaris joined #openam
07:15 rghose joined #openam
07:39 fatbloke joined #openam
08:08 aldaris Good morning
08:09 asyd morning folks
08:25 rghose in a session failover setup, one openam container gives its own port (in.well-known/openid-configuration url) instead of the site port. I am using tomcat and one of them uses http and the other https. Any one can tell me why?
08:25 aldaris there is a bug for that
08:25 rghose omg. https and wrong port?
08:26 aldaris there is a bug for not using the site url
08:26 aldaris maybe you configured the tomcat connectors differently
08:26 rghose yeah I am actually trying to work around. :D
08:26 rghose yes I did
08:27 rghose so what I am trying to understand is that, how does it get that port from?
08:27 rghose where*
08:27 aldaris proxyPort?
08:27 rghose hm, since I did not specify any value of that, it could be using it's own?
08:30 rghose yeah that was it. thanks again
08:43 pfreixes aldaris: Ive a bug that I found one week ago about json api
08:43 aldaris good for you :)
08:43 pfreixes where can I fill a bug ? or where can I report it ?
08:43 aldaris bugster.forgerock.org
08:44 pfreixes oks
08:45 rghose any way I can get the oauth2 authorisation page working? Seems like it does not save consents at all!?
08:45 aldaris I would say get familiar with the code, you'll need it
08:46 rghose seems so.
08:46 rghose place to start?
08:46 aldaris we did fix some issues around consent handling, but not sure if you are running into it
08:47 rghose well on checking the box "save consent" it should not ask for consent the next time?
08:47 aldaris one could only hope :)
08:47 rghose next time the same agent is used right?
08:47 rghose yeah and the prayers do not seem to be working
08:47 rghose :D
08:48 rghose where would I find that errant html being generated?
08:48 aldaris look for .ftl files
08:48 aldaris it's a freemarker template iirc
08:48 rghose jok
08:48 rghose ok*
08:50 pfreixes aldaris: bugster doesnt get a right way to add new bugs wihtout permisions, isn't it ?
08:50 aldaris you'll need to have a registered user
08:51 pfreixes oks
09:13 aldaris ah, that's a shame
11:05 MegaMatt joined #openam
11:09 rghose joined #openam
11:18 rghose where can I get the source for 11.0.0
11:18 aldaris from SVN
11:18 rghose The source I downloaded seems to be 12?
11:18 aldaris then you did it wrong
11:18 rghose okay
11:19 aldaris https://wikis.forgerock.org/confluence/​display/openam/OpenAM+Branches+and+Tags
11:19 aldaris https://wikis.forgerock.org/confluence/​display/openam/Build+OpenAM+from+Source
11:19 rghose so trunk is 12?
11:19 aldaris bingo
11:19 rghose thanks a lot dude
11:20 rghose and 11.0.0 contains all patches upto 11.0.1?
11:20 aldaris common sense says no
11:21 rghose what does the fox say?
11:21 aldaris don't know, this may help though: https://www.youtube.com/watch​?v=jofNR_WkoCE&feature=kp
11:22 rghose haha
11:23 pfreixes joined #openam
11:23 rghose so where do commits for 11.0.0 go?
11:23 rghose into trunk?
11:24 aldaris 11.0.0 version is finished, there are no commits made against it
11:24 aldaris there is a sustaining branch called 11.0.x, but that is not available for community
11:24 aldaris if you need fixes then you may look at trunk and backport them manually
11:25 rghose hm, since the bugs I am interested in are not fixed either. Guess it is not going to help
14:03 pfreixes joined #openam
14:18 cocotton joined #openam
14:19 cocotton Hey all, I just deployed a new fedlet on one of our app. When I try to reach the app, I land on the "Validate Fedlet Setup" page. Everything seems to be fine, yet I'm not sure how to leave that page...
14:20 cocotton By that I mean that I can't access my app anymore
14:31 roysjosh joined #openam
14:46 cocotton joined #openam
14:59 aldaris cocotton: hey
14:59 cocotton aldaris: Hello
14:59 aldaris fedlet is a WAR, hence deploying it should result in overriding your original app
15:00 aldaris instead you should modify your app to include the fedlet libraries and adjust your application to use the API (the fedlet.war should guide you on that front)
15:00 cocotton aldaris: Unfortunately, the way the app is made make me unzip the fedlet then put all the .jsp files and other contents of the war into a directory (I know, this is terrible)
15:00 aldaris Bernhard though keeps on telling that spring saml extension is much simpler to use
15:01 cocotton Problem here is that I'm a sysadmin which now has to make all of this work (sight), hence I can't really touch the code
15:02 cocotton So I was just wondering. Yet I found that the index.jsp seems to be the file always redirecting me to the setup page
15:02 aldaris well both fedlet and the spring saml extension should be quite intrusive
15:02 aldaris quite likely you would have to modify your app with either one of them
15:02 cocotton Aye sir, I'll go talk to the dev about that :)
15:03 aldaris shibboleth SP (on an Apache RP) would be less intrusive, but then you still would have to know how the app performs authentication and authorization
15:04 aldaris enabling SAML support for an application isn't a matter of flipping a magic switch :)
15:31 aldaris joined #openam
16:01 aldaris joined #openam
16:03 pfreixes joined #openam
16:07 aldaris joined #openam
16:11 aldaris joined #openam
16:28 rghose joined #openam
17:31 khushildep joined #openam
17:52 jfroot Hey aldaris: not sure if you remember or not.. but I was curious about becoming a paid customer so we are able to get timely pre-compiled security releases etc.
17:52 aldaris yepp
17:52 jfroot When I last spoke with the sales dept. i was told that the co. was not interested in dealing with people who want less than 1000 user license
17:53 aldaris I've escalated your case to my boss, who did the same with his boss :)
17:53 jfroot OK.. thanks :)
17:53 jfroot It seems there is a growing number of people in small/medium businesses that OpenAM could get business from
17:53 aldaris I believe there is a plan to issue open source licenses for small businesses
17:54 aldaris possibly still won't be exactly free, but it would be more affordable
17:54 jfroot What we really want is the ability to have security releases. Digging through change sets and applying to trunk manually is painful
17:54 zendron joined #openam
17:54 aldaris martv from here wanted to look into it AFAIK
17:54 aldaris where did you get on that martv?
17:58 pfreixes joined #openam
18:41 metadaddy|beer joined #openam
18:53 aldaris1 joined #openam
20:13 khushildep joined #openam
21:14 jfroot with regard to that recent security vulnerability, is there a patch available for 11.0 trunk?
21:14 aldaris1 there is, but unfortunately it's only available to customers..
21:15 jfroot until I have my licensing sorted out, what is the best recommendation to remediate?
21:16 aldaris go to http://go.forgerock.com/2014​OpenAM1101SecurityAlert.html , download the patch for 10.0.0, diff it to 10.0.0 tag, and apply the diff to 11.0.0 and hope for the best
21:18 jfroot oh boy… ok here goes

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary